PatchSiren cyber security CVE debrief
CVE-2016-9052 Aerospike CVE debrief
CVE-2016-9052 is a critical, network-exploitable memory-corruption issue in Aerospike Database Server 3.10.0.3. According to NVD, a specially crafted packet can trigger a stack-based buffer overflow in the querying path, with remote code execution as the reported impact. The issue is associated with CWE-787 and carries a CVSS 3.1 vector of AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating a high-risk exposure when the service is reachable.
- Vendor
- Aerospike
- Product
- CVE-2016-9052
- CVSS
- CRITICAL 9.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2017-01-26
- Original CVE updated
- 2026-05-13
- Advisory published
- 2017-01-26
- Advisory updated
- 2026-05-13
Who should care
Administrators and security teams running Aerospike Database Server 3.10.0.3, especially where the service is exposed on a network-accessible port. Application owners, platform engineers, and incident responders should treat externally reachable Aerospike deployments as priority assets until they are verified not to be on the affected version.
Technical summary
NVD describes the flaw as an exploitable stack-based buffer overflow in Aerospike Database Server 3.10.0.3, specifically in the querying functionality and the function as_sindex__simatch_by_iname. The vulnerability is remotely triggerable by sending a specially crafted packet to the service, with no privileges or user interaction required in the CVSS vector. The stated consequence is remote code execution, and NVD maps the weakness to CWE-787 (Out-of-bounds Write).
Defensive priority
Critical. The combination of network reachability, no authentication or user interaction requirement, and the stated remote code execution impact makes this a high-priority remediation item for any exposed Aerospike deployment.
Recommended defensive actions
- Identify all Aerospike Database Server instances and confirm whether any are running version 3.10.0.3.
- Apply the vendor-provided fix or upgrade to a non-vulnerable Aerospike release referenced by vendor guidance.
- Restrict network access to Aerospike service ports so only trusted hosts can connect.
- Place the service behind segmentation and firewall controls if it must remain in use.
- Monitor for unusual connections, crashes, or process anomalies on Aerospike hosts while remediation is underway.
- Validate exposure in staging before rollout, then verify the deployed version after patching.
Evidence notes
The description, affected version, function name, and impact summary come from the supplied NVD-derived corpus for CVE-2016-9052. The corpus lists Aerospike Database Server 3.10.0.3 as vulnerable, references Cisco Talos advisory TALOS-2016-0266, and assigns CWE-787 with CVSS 3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. One third-party reference URL in the source is marked broken.
Official resources
-
CVE-2016-9052 CVE record
CVE.org
-
CVE-2016-9052 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Broken Link, Third Party Advisory, VDB Entry
-
Mitigation or vendor reference
[email protected] - Exploit, Third Party Advisory, VDB Entry
CVE-2016-9052 was published in the CVE/NVD record on 2017-01-26. The supplied NVD metadata also references Cisco Talos advisory TALOS-2016-0266 as a source reference.